var express = require('express');
var router = express.Router();
var mysql = require("mysql");
var multer  = require('multer');
// Directory handed to multer as its `dest`. The path is relative, so it
// resolves against the process working directory.
// NOTE(review): the directory sits under `public/`. If that tree is served
// statically (not visible in this file), anything uploaded becomes directly
// fetchable — confirm, and restrict file type and size before enabling uploads.
var dest_dir = 'public/uploads/'
// multer instance; in this file it is only referenced by the commented-out
// /fileUpload route near the bottom.
var upload = multer({ dest: dest_dir});
var fs = require('fs');
var md5 = require('md5');

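// Single MySQL connection shared by every route in this router.
//
// Each setting can be overridden through an environment variable. The DB_*
// names are a convention introduced here, not something the rest of the
// project is known to define. The fallbacks are the values this file has
// always used, so an unconfigured deployment behaves exactly as before.
//
// NOTE(review): the fallback is the `root` account with a trivial password
// committed to source control. Provision a dedicated least-privilege account
// for the `oschina` schema, supply it through the environment, then delete the
// fallback credentials from this file.
var conn = mysql.createConnection({
    host: process.env.DB_HOST || 'localhost',
    user: process.env.DB_USER || 'root',
    password: process.env.DB_PASSWORD || '123456',
    database: process.env.DB_NAME || 'oschina'
});
// NOTE(review): connect() is called without a callback, so a connection
// failure is not handled anywhere in this file.
conn.connect();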

// Gate for every route registered below: only sessions flagged as logged in
// get through; all other requests are redirected to the login page.
router.use(function (req, res, next) {
	// Loose comparison kept on purpose: the flag is written by the login code,
	// which is not part of this file, so its stored type is not known here.
	var loggedIn = (req.session.is_login == true);
	if (!loggedIn) {
		res.redirect('/users/login');
		return;
	}
	next();
});




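// GET / — render the `articleList` view with every row of `news`, newest id
// first, plus the session's username and any flashed success message.
//
// NOTE(review): titles and bodies are stored exactly as submitted (see the
// insert/update routes), so the view has to output them HTML-escaped — confirm
// the template does not use its raw/unescaped output form for these fields.
router.get('/', function(req, res, next) {
	var username = req.session.username;
	// Static statement: no request data is interpolated into it.
	var sql = 'select * from news order by id desc';
	conn.query(sql, function(err, rows, fields){
		if (err) {
			// Previously ignored: a failed query rendered the view with
			// `news` undefined. Hand the error to Express instead.
			return next(err);
		}
		res.render('articleList',{
			news: rows,
			username: username,
			success: req.flash('success')
		});
	});
});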



// GET /addArticle — show the article form together with any validation
// messages flashed by a previous rejected submission.
router.get('/addArticle', function(req, res, next) {
	// Flash values are read in the same order as before (title, then content).
	var titleError = req.flash('tErr');
	var contentError = req.flash('contErr');
	var viewData = {
		tErr: titleError,
		contErr: contentError
	};
	res.render("addArticle", viewData);
});

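// POST /addArticle — validate the submitted title and content, then insert a
// new row into `news` and return to the admin list.
//
// Changes from the previous version:
//   * The INSERT uses `?` placeholders. Title and content used to be
//     concatenated into the statement, so a double quote in either field could
//     rewrite the query (SQL injection).
//   * Fields are coerced to plain strings before binding. The mysql driver
//     expands object values bound to a placeholder into `key = value` lists,
//     which a nested form field could otherwise abuse.
//   * A missing field is treated like an empty one instead of being stored as
//     the text "undefined".
//   * The month is parenthesised (see below) and query errors reach Express.
//   * Debug logging of the request body and the assembled SQL is dropped.
//
// NOTE(review): no CSRF token check is visible in this file for this
// state-changing route — confirm one is applied elsewhere.
router.post('/addArticle',function(req, res, next) {
	var title = req.body.title == null ? '' : String(req.body.title);
	var content = req.body.content == null ? '' : String(req.body.content);

	if (title === "" || content === "") {
		if (title === "") {
			req.flash('tErr','标题不能为空');
		}
		if (content === "") {
			req.flash('contErr','内容不能为空');
		}
		res.redirect('addArticle');
		return;
	}

	var d = new Date();
	// getMonth() is zero-based. Without the parentheses the `+1` was applied to
	// the string built so far, appending the character "1" to the month index
	// (January became "01", December "111").
	var time = d.getFullYear()+'-'+(d.getMonth()+1)+'-'+d.getDate()+' '+d.getHours()+':'+d.getMinutes();
	var sql = 'insert into news values (null, ?, ?, ?)';
	conn.query(sql, [title, content, time], function(err, rows, fields){
		if (err) {
			// Do not report success for a row that was never written.
			return next(err);
		}
		req.flash('success','添加成功！');
		res.redirect('/admin');
	});
});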

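// GET /delArticle?id=… — delete one row from `news`, then return to the admin
// list.
//
// The id is bound through a `?` placeholder. It used to be appended to the
// statement unquoted, so the query string could extend the WHERE clause (for
// example to match every row). String() keeps the value a scalar; the mysql
// driver would otherwise expand an object-valued parameter into SQL.
//
// NOTE(review): this is a destructive action on a GET route and no CSRF check
// is visible in this file, so a link or image tag on another site could
// trigger it for a logged-in admin. Moving it to POST with a token changes the
// route's interface and has to be coordinated with the views.
router.get('/delArticle', function(req, res, next) {
	var sql = 'DELETE FROM news WHERE Id = ?';
	conn.query(sql, [String(req.query.id)], function(err, rows, fields){
		if (err) {
			// Previously ignored; surface database failures to Express.
			return next(err);
		}
		res.redirect('/admin');
	});
});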
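// GET /updateArticle?id=… — load one news row and render the `update` form
// for it.
//
// The id is bound through a `?` placeholder instead of being concatenated
// (SQL injection), and coerced to a string so the driver never receives an
// object-valued parameter.
router.get('/updateArticle', function(req, res, next) {
	var sql = 'select * from news where id = ?';
	conn.query(sql, [String(req.query.id)], function(err, rows, fields){
		if (err) {
			// `rows` is undefined on failure; indexing it used to throw here.
			return next(err);
		}
		if (rows.length === 0) {
			// Unknown id: let Express fall through to its not-found handling
			// rather than rendering the form with no article.
			return next();
		}
		res.render('update',{news: rows[0]});
	});
});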
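// POST /updateArticle — overwrite the title and content of the news row whose
// id is posted with the form, then return to the admin list.
//
// All three values are bound through `?` placeholders; they were previously
// concatenated into the statement (SQL injection). String() reproduces the
// string coercion that concatenation performed, and keeps object-valued form
// fields from being expanded into SQL by the mysql driver.
//
// NOTE(review): unlike /addArticle, nothing here rejects an empty title or
// content — confirm whether that is intended.
router.post('/updateArticle', function(req, res, next) {
	var sql = 'update news set title = ?, content = ? where id = ?';
	var params = [
		String(req.body.title),
		String(req.body.content),
		String(req.body.id)
	];
	conn.query(sql, params, function(err, rows, fields){
		if (err) {
			// Previously ignored; surface database failures to Express.
			return next(err);
		}
		res.redirect('/admin');
	});
});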

// GET /logout — drop the session and send the browser back to the login page.
// NOTE(review): destroy() is invoked without a callback, so the redirect is
// sent without waiting for, or checking the outcome of, the session removal.
router.get('/logout',function(req,res,next){
	var loginPage = '/users/login';
	req.session.destroy();
	res.redirect(loginPage);
});

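// GET /modify — render the `modify` form for the account named in the session.
//
// The username is bound through a `?` placeholder. It comes from the session,
// but the string was originally chosen by a user, so concatenating it into the
// statement allowed second-order SQL injection.
//
// NOTE(review): `select *` hands the whole row, password hash included, to the
// template. The POST handler below reads a `truepass` form field, which
// suggests the hash is written into the page; the view should stop emitting it
// once the server no longer depends on that field.
router.get('/modify',function(req,res,next){
	var sql = 'select * from users where users.name = ?';
	conn.query(sql, [String(req.session.username)], function(err,rows,fields){
		if (err) {
			// `rows` is undefined on failure; indexing it used to throw here.
			return next(err);
		}
		if (rows.length === 0) {
			// No matching account: fall through to Express's not-found
			// handling instead of rendering the form with no user.
			return next();
		}
		res.render('modify',{title:'修改用户名和密码',user:rows[0]});
	});
});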
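// POST /modify — change the logged-in user's name and password after checking
// the current password.
//
// Changes from the previous version:
//   * The current password is checked against the hash stored for the session
//     user. It used to be compared with `req.body.truepass`, a value sent by
//     the client, so any request could supply a matching pair and pass.
//   * The row to update is the session user's own row. The id used to come
//     from `req.body.id`, which let a request target any account.
//   * Both statements use `?` placeholders instead of string concatenation
//     (SQL injection).
//   * The stray `conn.query()` call with no arguments is removed.
//   * The request body and the assembled SQL are no longer logged; they
//     contained the new password in clear text and its hash.
//   * Database errors are passed to Express instead of being ignored.
//
// NOTE(review): passwords are stored as unsalted MD5, which is not suitable
// for password storage. Moving to a slow salted hash (bcrypt, scrypt, argon2)
// also requires changing the login and registration code, so it is only
// flagged here.
// NOTE(review): no CSRF token check is visible in this file for this route.
router.post('/modify',function(req,res,next){
	var sessionUser = req.session.username;
	var oldPassword = req.body.oldpassword;
	var newPassword = req.body.password;

	// md5() needs string input; treat missing or malformed fields as a failed
	// check rather than letting the handler throw.
	if (typeof sessionUser !== 'string' || typeof oldPassword !== 'string' || typeof newPassword !== 'string') {
		res.send('密码输入有误');
		return;
	}

	var lookup = 'select * from users where users.name = ?';
	conn.query(lookup, [sessionUser], function(err,rows,fields){
		if (err) {
			return next(err);
		}
		var user = rows[0];
		// The stored value is an MD5 hex digest (this route writes md5(password)
		// below), so hash the submitted password the same way before comparing.
		if (!user || md5(oldPassword) !== user.password) {
			res.send('密码输入有误');
			return;
		}

		// Keep the current name when the form did not send a usable one.
		var name = typeof req.body.name === 'string' ? req.body.name : user.name;
		var sql = 'update users set name = ?, password = ? where id = ?';
		conn.query(sql, [name, md5(newPassword), user.id], function(err,rows,fields){
			if (err) {
				return next(err);
			}
			// Keep the session in step with a renamed account; the routes in
			// this file look the user up by this value.
			req.session.username = name;
			res.redirect('/users/login');
		});
	});
});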
/*
router.post('/fileUpload',upload.single('fileInput'),function(req,res,next){
	//fs.renameSync(req.file.path,dest_dir+req.file.originalname);
	var img = "uploads/"+req.file.originalname;
	res.send(img);
})*/

module.exports = router;